s3:smbd: Fix CID 1449599 replacing memcpy to memmove to avoid overflow

Here reply_smb1_outbuf is allocating the req->outbuf buffer, hence
safest way to use is memmove that has a checks for overlap instead of
memcpy.

This fixes coverity issue#1449599

Signed-off-by: Shweta Sodani <ssodani@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Shwetha K Acharya <Shwetha.K.Acharya@ibm.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Aug  1 11:03:06 UTC 2025 on atb-devel-224

diff --git a/source3/smbd/smb1_reply.c b/source3/smbd/smb1_reply.c
index 83b754f9c77dc8da0ee822f2a76c4bffbfbf8771..aff33a3501cd429b46adf294de8b1e63166a2990 100644 (file)
--- a/source3/smbd/smb1_reply.c
+++ b/source3/smbd/smb1_reply.c
@@ -3812,7 +3812,7 @@ void error_to_writebrawerr(struct smb_request *req)
 
        reply_smb1_outbuf(req, 1, 0);
 
-       memcpy(req->outbuf, old_outbuf, smb_size);
+       memmove(req->outbuf, old_outbuf, smb_size);
        TALLOC_FREE(old_outbuf);
 }